Information Security Policy

Basic Principle

MC Digital, Inc. (“Company”) considers the client information and other information assets it handles over the course of its business activities as of critical importance. Personnel handling information assets, including officers and employees trained in understanding the importance of protecting these information assets from the risk of leakage, damage, loss, etc., strictly comply with this policy to ensure the confidentiality, integrity, and availability of information assets.

Basic Policy

  1. To protect information assets, the Company formulates an information security policy and associated regulations, and conducts business in accordance with the above, as well as with laws, regulations, and other norms concerning information security. Besides, the Company strictly complies with contractual matters agreed upon in contracts with customers.

  2. The Company clarifies the criteria used to analyze and evaluate risks such as leakage, damage, and loss of information assets, establishes a systematic risk assessment method and conducts risk assessments regularly. In addition, the Company implements necessary and appropriate security measures based on the results of the above.

  3. The Company establishes an information security system that revolves around key officers and clarifies their authority and responsibility as concerns information security. Besides, all employees are regularly educated and trained to recognize the importance of information security and to ensure proper handling of information assets.

  4. The Company regularly reviews and audits compliance with its information security policy and the handling of information assets, and promptly takes corrective measures for any issues found.

  5. In addition to taking measures for information security events and incidents, the Company establishes a response procedure in advance to minimize damage from said events. In the case of emergencies, it responds promptly and takes appropriate corrective actions. For incidents relating to a disruption of business, the Company establishes a system for the management thereof and periodically reviews it to ensure the continuity of its business.

  6. The Company establishes and implements an information security management system that sets specific goals for implementation of this basic policy, and continuously reviews the system and improves it.

Created October 6, 2020
MC Digital, Inc.
Takuya Hirakuri, President